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AMENDMENTS IN THE CLAIMS 

1. (currently amended) A method for providing access protection to electronic storage 
devices, said method comprising the steps of: 

providing a device-stored hardware-level security code for a storage device on which is 
stored an electronic file to which user access is restricte d access is d e sired ; 

initializing said security code within said storage device during set-up of said storage 
device, wherein said security code is unique to said storage device and is required to complete all 
accesses to said storage device, including; read accesses and write accesses: 

providing within an operating system (OS) of a user computer an OS-extension that 
enables (I) retrieval of said security code from said storage device to said user computer system 
and (2) blocking access to said storage device bv processes on said user computer system when a 
user-provided code does not match the security code retrieved from the storage device: 

wherein the OS-extension enables use of the hardware-level security code within a 
localized. OS-level security checking process, wherein said hardware-level security code is 
loaded into the OS-level security checking process whenever a user process on the user computer 
system attempts a read or write operation on said storage device: and 

allowing access by said user process to said storage device from the user-computer 
system with, the OS-extension only when e the use r-provided code is determined _by the 
localized, OS-level security checking process to eat e rs a user - cede that matches said hardware- 
level security code. 

2. (currently amended) The method of Claim 1, wherein said initialising further 
comprising th e 3teps of initializing said s e curity cod e within a microcod e of said storag e devic e, 
wherein comprises: 

blocking access to said storage device is-de a ied during said initializing step? 

placing said security code within predetermined bits of a microcode of the storage 
device, wherein said predetermined bits are defaulted to a default value when no security code is 
placed therein* 

3. Canceled 
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4. (currently amended) The method of Claim 3- JL, wherein said defining atop inoludoa: 
adding a hardware Gocurity oodo ohcokitig prooooo to an OS operation for supporting a 

security code comparison with a user acc e ss cod e when a user requests a r e ad and write on said 
storage device is one of multiple storage devices accessible via the OS and each of said multiple 
storage devices is configurable with a unique security code, said method further comprising: 

determining to which one of said multiple storage devices access is being requested; and 
comparing the user-entered code against the particular security code associated with that 
one storage device, wherein access granted/denied to a first one of the multiple storage devices is 
independent of access granted/denied to a second one of said multiple storage devices, wherein 
further the security code of the first device is unique among security codes of the multiple 
available storage devices. 

5. (currently amended) The method of Claim [[4]] I, further comprising the step of: 
receiving at the OS-level a process request for access to said storage device: 
retrieving from the storage device the security code stored with™ -microcode of the device 

and forwarding the security code to the localized, OS-level security checking process: 

evaluating via said hardwar e s e curity cod e ch e cking process said security code returned 

retrieved for a pre-defined default value by oaid filo protocol : and 

in response to said security code having a pro - determined pre-defined default value, 

providing said user with unrestricted access to said storage device. 

6. (currently amended) The method of Claim 5, wherein, when said security code does not 
have said pre-defined default value, said method further comprising - the step of comprises: 

comparing said security code with said user provided access code when said 
authentication code ia not said pr e- doteamined default valu e; 

providing access when said security code matches said user-provided access code: and 
denying access when said security code does not match said user-provided access code . 

7. (currently amended) The method of Claim 5 7 further comprising: the otep of outputting 
on n o c o Gs - d e ay - m e ssag e of said user 
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providing process-based security checks for access to said storage device, wherein an 
access security check is initiated for each read/write access to said storage device bv a different 
process executing on said local user computer system: and 

wherein each process associated with a single application initiated bv the user is provided 
a same user-entered access code as a default and individual processes may be provided a 
hardware-specific access code for the particular storage device to which the process requests 
access , 

8. (currently amended) The method of Claim 7, further comprising the steps of: 

restricting a subsequent request for access to said storage device by a user when said 

security code does not match said user access code during an initial comparison of the codes 

r e qu e st by said user ; and 

when the codes do not matcK automatically terminating at least the process requesting 

access that was a job submitted by said user. 



9. (currently amended) A computer program product comprising: 
a computer readable medium; and 

program instructions stored on said computer readable medium for implementing file 
access protection by: 

providing retrieving a locally-stored hardware-level security code for a driv e remote 
storage device on which is stored an electronic file to which r e stricted user access is restricted 
4es&e d, wherein said security code is placed within said storage device during set-up of said 
storage device, wherein said security code is unique to said remote storage device and is required 
to complete all accesses to said storage device, including read accesses and write accesses: 

providing within an operating system (OS) of a user computer an OS-extension that 
enables (1) retrieval of said security code from said storage device to said user computer system 
and (2) block ing access to said storage device bv processes on said user computer system when a 
user-provided code does not match the security code retrieved from the storage device: 

wherein the OS-extension enables use of the hardware-level security code within a 
localized, OS-level security checking process, wherein said hardware-level security code is 
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loaded into the OS-level security checking process whenever a -user process on the user computer 
system attempts a read or write operation on said remote storage device; and 

allowing access to said storage device only when a the user-provided code is determined 
bv the local. OS-level security checking process to ent e rs a user cod e that matches said 
hardware-level security code is provid e d . 

10. (original) The computer program product of Claim 9, further comprising program 
instructions for initializing said security code within a microcode of said drive, wherein access to 
said drive is denied during said initializing step, 

11. Canceled 

12. (currently amended) The computer program product of Claim 4-t 9, wherein storage 
device is one of multiple storage devices accessible via the OS and each of said multiple storage 
devices is configurable with a unique security code, said program product further comprising 
program instructions for: 

adding a hardwar e security cod e ch e cking process to an OS op e ration for supporting a 
security code comparison with a us e r acc e ss cod e wh e n a user r e quests a read and writ e with 
respect to said stora g e d ev ice? 

determining to which one of said multiple storage devices access is heing requested: and 
comparing the user-entered code against the particular security code associated with that 
one storage device, wherein access granted/denied to a first one of the multiple storage devices is 
independent of access granted/denied to a second one of said multiple storage devices, wherein 
further the security code of the first device is unique among security codes of the multiple 
available storage devices. 

13. (currently amended) The computer program product of Claim 12, further comprising 
program instructions for: 

receiving at the OS-level a process request for access to said storage device; 
retrieving from the storage device the security code stored within microcode of the device 
and forwarding the security code to the localized, OS-level security checking process; 
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evaluating via said hardware security oodo ohoclrihg process said security code return e d 
retrieved for a pre-defined default value by said fil e protocol ; and 

in response to said security code having a pr e det e rmined pre-defined default value, 
providing said user with unrestricted access to said storage device. 

14. (currently amended) The computer program product of Claim 13, wherein, when said 
security code does not have said pre-defined default value, said program product further 
oompriaing comprises program instructions for: 

comparing said security code with said use r-provided code when paid ooourity ood e is 
not said pr e det e rmin e d d e fault valu e; 

providing access when said security code matches said user-provided access code: and 
denying access when said security code does not match said user-provided access code , 

15. • (currently amended) The computer program product of Claim 13, further comprising 
program instructions fori 

outputting on acc es s d e ni e d m e ssag e of said user, and canc e ling th e joh submitt e d by 
& aid - H£ err 

providing process-based security checks for access_to, said storage device, wherein an 
access security check is initiated for each read/write access to said storage device by a different 
process executing on said local user computer system: and 

wherein each process associated with a single application initiated by the user is provided 
a same user-entered access code as a default and individual processes may be provided a 
hardware-specific access code for the particular storage device to which the process requests 
access . 

16. (currently amended) The computer program product of Claim 15, further comprising 
program instructions for: 

restricting a subsequent request for access to said storage device by a user when said 
security code does not match said user access code during an initial comparison of the codes 
r e qu e st by said us e r : and 



AUS920000544US 1 Amendment A 09/732,8 1 0 

-7- 

PAGE 8/18 * RCVD AT 8/1312004 6:51:25 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-1/4 * DNIS:8729306 * CSID:5123436446 * DURATION (mm-ss):05-36 



.AUG/13/2004/FRI 05:49 PM DILLON & YUDELL, LLP 



FAX No, 5123436446 



P. 009 



when the codes do not matchu automatically terminating at least the process requesting 
access that was submitted bv said user . 

1 7. (currently amended) A data processing system comprising: 
a processor; 

a memory linked to said processor via an interconnect; 
an input/output (I/O) device; 

a drive on which is stored one or more files fox which user-access is restricte d acc e ss is 
desired, said drive also having a hardware-level security code stored thereon and retrievable bv a 
predefined OS-process : and 

an OS executing on said processor that provides support for assigning a hardware-level 
security code for said drive and includes code for implementing the predefined OS-process that 
enables allows user access to said file by us e r only when a use r-provided entered access code 
matches said security cod e, which is retrieved bv said OS in response to a request to access said 
drive . 

18. (currently amended) The data processing system of Claim 17, wherein further said OS 
includes an OS extension by which an assigning of said security code and access to said drive are 
implemented. 

19- (currently amended) The data processing system of Claim 18, wherein further said OS 
extension includes program instructions for: 

adding a remote hardware security code checking «ede process to an OS support of user- 
initiated processes on the data processing system, wherein said security code checking process 
operation for supporting provides a security code comparison with a the use r-provided access 
code when a the user requests a read and write on said drive; and 

identifying specific locations on flash ROM or EEPROM on said drive that houses 
maintains drive microcode on said drive for and initializing said security code within said drive 
microcode. 
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20. (currently amended) The data processing system of Claim 18, wherein further said OS 
extension includes program instructions for: 

evaluating via said hardware security code checking process said security code returned 
by 3oid file protocol ; and 

in response to said security code having a pre-determined default value, providing said 
user with unrestricted access to said drive. 

21. (currently amended) The data processing system of Claim 20, wherein further said OS 
extension process e s includes program instructions for comparing said authentication security 
code with said use r-provided enter e d access code when said authentication security code is not 
said pre-determined default value, 

22. (currently amended) The data processing system of Claim 21, wherein further said OS 
extension further includes program instructions for outputting an access deny message to said 
user when said security code does not match said access code. 

23. (original) The data processing system of Claim 21, further comprising means for 
restricting a subsequent request for access to said storage device by a user when said security 
code does not match said user access code during an initial request by said user. 

24. (currently amended) A storage system comprising: 

a connectable communication medium for connecting to a local computer implementing 
software-based operating system (OS) and user processes: 
a recordable medium for recording data; 

at least one niece of data that is accessible from a user computer that is connected to said 
storage system^wherein said at least one piece of data is not general access data; and 

a security cod e, stored on said storage system, that is unique to said storage system and 
which must be matched against a user-provided code to enable user access from the user 
computer to the at least one piece of data stored on the recordable medium, wherein said security 
code protects said data recorded on said recordable medium from unauthorized access.; 
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means for receiving a request for access to said at least one piece of data on said storage 
medium; and 

means for automatically issuing said security code to a requesting operating system 
extension in response to receipt of said request . 

25. Canceled 

26. Canceled 

28. (New) The method of Claim 8, wherein when the process is a part of a larger job 
containing multiple processes, said method automatically terminates said job when said codes do 
not match. 

29. (New) The computer program product of Claim 16, wherein when the process is a part of 
a larger job containing multiple processes, said program instruction includes program 
instructions for automatically terminating said job when said codes do not match. 
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